Connectivity and Networking

High availability of your IT infrastructure is achieved with thorough planning and ongoing monitoring.

To start with, we identify services that are essential for business continuity, and those where availability is desirable but not essential.

For each level of service, we work with you to decide how far the organisation is willing to go to ensure availability. This should be based on budget, staff expertise, and overall tolerance for service outages.

We then identify the systems or components related to each service, and identify the possible points of failure for these systems. Each point of failure is assessed for impact, the business tolerance for failure and frequency of ongoing monitoring.

A Virtual Private Network (VPN) is a secure connection to another network over the Internet. VPNs can be used for a variety of purposes. Common purposes of VPNs include access region-restricted websites, to shield your browsing activity from prying eyes on public Wi-Fi among others.

However, for IT Grove and our clients, VPNs are primarily used to connect business networks together securely over the internet and/or allow you to securely access a business network from home.

If you would like more information how IT Grove can supply a suitable VPN for your business needs please contact us.

Multi-factor authentication (MFA) is an authentication technique that requires a user to present at least two factors that prove their identity. One is typically your username and password, which is something you know. The other could be something you have such as a digital certificate on your device and/or a one time password (OTP) generated from your mobile phone.

Adding this additional factor to your login enhances security and makes it just a little bit harder for criminals to impersonate you. So, yes, it is a very good idea.

MFA is not fool-proof but it is an major improvement on simple username/password authentication.’

Contact us to find out more.

Does this apply to you? Do you access your systems remotely using a remote desktop client without a VPN? If so, contact us immediately. You are a going to be a ransomware target. If not today – then sometime soon.

Using remote desktop or RDP across the Internet without a VPN is extremely dangerous. Some claim that changing the port offers some protection. It doesn’t. The security of your systems and data is only as good as the strength of your username/password at best. Do not allow RDP traffic into your network without the protection of a VPN. We cannot stress this enough.

The compilation of a Disaster Recovery Plan (DRP) can be a complex undertaking. However, for most businesses an approach where ‘less is more’ might be the best way of achieving a good outcome. A DRP is more than just IT and involves all aspects of your business and how to protect it in the event of a disaster. A disaster could be anything from ransomware, hacking, equipment failure, fire, flood or any other natural disaster. A key member of staff run over by a bus. That could be a disaster for your business too.

In brief, the DRP involves:
– Creating the DR team
– Identify and assess the disaster-related risks
– Determine the critical applications and data
– Specify backup, off-site processes and other remedial action
– Testing and maintenance of the DRP

Does your business need a DRP? In some form – yes you do. Some thought needs to be given to the key risks to your business and the likelihood of those risks presenting themselves. From this, you can put in place timely and cost-effective remedial action to manage these risks.

It isn’t rocket science and you really need to give it some thought.

Contact us to find out more.

Conventional wisdom tells us that frequent password changes are good and is a best practice approach. However, the conventional wisdom was wrong as this was NEVER true. It was just a lazy way to avoid implementing a proper password policy in the 90s.

What usually happened was that a 30-day or 45-day mandatory password change was forced on end-users and they would game the system or write down their current password on a sticky note next to their computer. Come on, you know that still happens. 

Alternatively, the end-user would add a number to the end of the password and then change the number each time and then write the new password down next to their computer. After a certain number of enforced changes, they found they could repeat the same passwords over and over again.

None of that sounds very secure to us.

We advocate the standards of the United States National Institute for Standards and Technology (NIST) Special Publication 800-63-3: Digital Authentication Guidelines where regular password changes are NOT implemented.
Ref: https://pages.nist.gov/800-63-3/sp800-63b.html

We suggest that passwords are to be changed as required and as specified by the duty manager or following a trigger event. This will usually be in response to an event such as staff member changes or evidence of a suspected breach of security.

We suggest that a long password, not from a dictionary, is the best approach. Let’s say 13 or more characters that are easy to remember. Personally, I think of a series of unrelated words with some numbers thrown in. If you want to add upper case characters and other special characters, then feel free to add these. Have fun with it. 

The most important aspect is that a long password is required.